Skip to main content

Posts

Showing posts from September, 2013

[Azure Websites PHP] Cross Domain request results in blank response page after Preflight HTTP OPTIONS

THE PROBLEM

I've deployed a REST API application (CodeIgniter with Phil Sturgeon's Rest-Server library) on Azure Websites.

Although I've set the Access-Control-* header in my PHP application:
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS');
header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept');
(If you need a working test file, here's the gist for the test file)

But Azure Websites server doesn't return the headers in response.

And thus all requests to the server failed with the error message:
Origin http://example.azurewebsites.net is not allowed by Access-Control-Allow-Origin. In order to make sure there's no problem with my application, I've deployed the same code to Appfog.com. And as expected, the application works just fine.




THE SOLUTION

After talking to Microsoft Support, we found …